Requirements

This section provides information about the technical and administrative requirements for the integration with Apple. Use this section to evaluate the integration requirements for your organization.

Organizations need to fulfill several key technical and administrative requirements to integrate with the Apple Access platform:

  1. Team Role Assignments
  2. Feature Scope
  3. Security and Authentication
  4. Infrastructure, Connectivity SLAs, and Monitoring
  5. Reader Configuration and Certification
  6. End-to-end Testing
  7. Customer Support

You can learn more about each set of key requirements below.

1. Team Role Assignments

Identify who in your organization will have the ability and authority to fulfill the following roles for the program. Apple will work directly with these individuals and recommends that you have more than one person per role where possible.

If you’re part of a large organization, multiple contacts may need to coordinate the work. In a small organization, it’s OK for a single contact to serve more than one role.

Administrative Roles

The individuals you assign to administrative roles will be responsible for authorizing the program and gathering the information necessary to register your organization with Apple. If necessary, they’ll also help others on your team upload card art, set up server environments, and complete a variety of other tasks. Apple recommends that you identify a backup contact for each of the roles below in case the first is unavailable.

  • Sponsoring exec: A senior member of your organization to oversee your project.
  • Signing authority: A member of your organization who is authorized to sign legal documents with Apple on behalf of your organization.

Technical Roles

The individuals you assign to technical roles will be responsible for answering technical questions related to your integration. For example, depending on the size of your organization, this could be the lead developer assigned to the project or the CTO. Apple recommends that you identify a backup contact, or provide a group mailing list for each of the roles, in case the first contact is unavailable.

  • Technical Contact: A member of your organization responsible for oversight and communication of project progress and technical issues. Usually an Engineering Project Manager or Technical Project Manager.
  • Prod Technical Contact: A member of your organization responsible for production technical questions, end-to-end testing, and load testing. Usually a Lead Developer or CTO.
  • On-Call: A member of your organization responsible for responding to production issues, such as outages, certificate expirations, and so on. Usually a Site Reliability Engineer.

2. Feature Scope

As an Apple Wallet Access Program partner, you’ll need to support all of the following program features and use cases:

*Support for either In-App Provisioning or Web Provisioning is required for integration. In-App Provisioning is recommended for a better user experience.

Important
To support a seamless mobile access experience for users, the Credential Manager or the Participating Entity in the program must guarantee that all relevant access readers accept mobile passes in addition to physical contactless cards and fobs.

3. Security and Authentication

Your server-to-server integration with the Apple Access platform must support authentication based on either JWT or mTLS.

The minimum technical security requirements to integrate with the Apple Access platform are:

  • All traffic must be served over HTTPS
  • Servers must support TLS 1.2 and later versions

4. Infrastructure, Connectivity SLAs, and Monitoring

To integrate with the Apple Access platform, you’ll need to demonstrate that your organization can fulfill the following requirements for infrastructure, monitoring, alerts, and server connectivity SLAs.

These requirements ensure that you have the environments necessary to support development, load testing, production, and disaster recovery and that you are prepared to monitor your entire system to mitigate issues and to track performance.

Infrastructure

You’ll need to fulfill the following minimum infrastructure requirements for development environments and disaster recovery.

Environments

You’ll need to set up the following environments to support server-to-server integration:

  • QA: An environment to test functionality, fixes, end-to-end flows, and so on.
  • Load Testing: An environment to test production-readiness. During testing, Apple simulates peak loads from busy times of the year, such as the release of a new operating system or device. The load testing environment should match the hardware stack and capacity of your production environment.
  • Production: A secure environment that manages all use cases for your customers.

Disaster Recovery

The disaster recovery requirements ensure that you can serve traffic out of an alternative data center and cloud region when the primary data center is unavailable or cannot serve traffic.

Your server architecture and disaster recovery configuration will need to fulfill the following requirements:

  • Server architecture hosts services on multiple geographically-distributed data centers and/or cloud regions.

    • Individual data centers and/or cloud regions have fault-tolerant, highly-available (HA) architecture.
    • Individual data centers and/or cloud regions have Active-Active (preferred) or Active-Passive configuration.

      • At a minimum, passive sites have a “hot standby” configuration with minimum interruption of traffic.
  • Disaster recovery configuration supports joint testing with Apple prior to launch.
  • Disaster recovery configuration features a fault detection system that automatically shifts traffic away from a cloud region that is unavailable due to a service disruption to a cloud region that is available.
  • Disaster recovery configurations can failover without any downtime (preferred) or without exceeding 30 minutes of downtime.

Connectivity SLAs

The server SLA (service-level agreement) requirements help ensure server connectivity, performant response times, and accountability for connections to users in your different environments.

Server Connectivity SLAs by Environment

SLA            Production     Non-Production     QA for Automated & Functional Load Testing
p90 Latency    2.2 seconds    2.2 seconds        2.2 seconds
Uptime         99.99%         98%                95%

Notes:

  • p90 Latency SLAs require response times less than 2.2 seconds for at least 90% of calls to the server.
  • Uptime SLAs include both planned and unplanned outages.

Monitoring, Logging, and Metrics

You must be able to meet the following monitoring, logging, and metrics requirements. These requirements ensure that you can track your environments, detect and send alerts for system failures, and identify opportunities to optimize system performance.

Application Logs

You’ll need to collect logs for analysis through a central log management system and retain all application logs for a minimum of 25 days.

API Metrics and KPIs

In addition to the application logs, you’ll need to collect, monitor, and set alerts for the following metrics and KPIs (key performance indicators):

  • p90 latency (90th percentile response times and latency)
  • Apple Access platform HTTP status codes (2XX, 4XX, 5XX) and sub-status codes (2XX.X, 4XX.X, 5XX.X)
  • Connection timeouts
  • Read timeouts
  • TLS errors
  • Trends and anomalies for implemented Apple Access platform APIs

Note
Trends and anomalies include any KPIs that you decide to implement for the Apple Access platform APIs (for example, calls per minute or errors per minute). As the partner, you can decide which KPIs are important and how to manage trends and anomalies. For example, you can use logs or send these metrics to a time series database for storage.

If your organization collects this data in aggregate, make sure that you maintain the granularity of the data.

We recommend that you collect and retain these API Metrics and KPI data for at least 13 months with 18 months preferred. This data helps Apple better identify patterns and assist with investigations.
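As an added example, not Apple's code or any partner's, the following Python evaluates the requirements above over constructed partner-side API log lines: the p90 latency SLA (under 2.2 seconds for at least 90% of calls), the downtime budget implied by each environment's uptime SLA, and the status-class, sub-status, timeout and TLS-error KPIs. The log format, field names and function names are assumptions.

```python
import math
# Constructed sample log lines (not real Apple Access traffic). Assumed format:
# timestamp api outcome status(with sub-status, e.g. 500.2) latency_ms
LOG_LINES = """\
2024-03-01T10:00:01Z provision ok 200.0 410
2024-03-01T10:00:02Z provision ok 200.0 1800
2024-03-01T10:00:03Z provision error 500.2 2500
2024-03-01T10:00:04Z provision ok 200.0 380
2024-03-01T10:00:05Z provision read_timeout 0 5000
2024-03-01T10:00:06Z provision ok 200.0 2100
2024-03-01T10:00:07Z provision error 401.3 90
2024-03-01T10:00:08Z provision ok 200.0 450
2024-03-01T10:00:09Z provision tls_error 0 10
2024-03-01T10:00:10Z provision ok 200.0 2300
""".splitlines()
P90_LIMIT_MS = 2200  # page SLA: response time under 2.2 s for at least 90% of calls
UPTIME_SLA = {"production": 99.99, "non_production": 98.0, "qa_load": 95.0}  # page table
FAILURE_KPIS = ("connect_timeout", "read_timeout", "tls_error")  # KPIs named on the page

def parse(lines):
    """Split each constructed log line into a dict (assumed field layout)."""
    rows = []
    for line in lines:
        ts, api, outcome, status, latency = line.split()
        rows.append({"ts": ts, "api": api, "outcome": outcome,
                     "status": status, "latency_ms": int(latency)})
    return rows

def p90_latency_ms(rows):
    """Nearest-rank 90th percentile of observed latencies (timeouts count as slow calls)."""
    lat = sorted(r["latency_ms"] for r in rows)
    return lat[math.ceil(0.9 * len(lat)) - 1]

def latency_sla_met(rows, limit_ms=P90_LIMIT_MS):
    """True when at least 90% of calls finished under the limit, as the page phrases the SLA."""
    fast = sum(1 for r in rows if r["latency_ms"] < limit_ms)
    return fast / len(rows) >= 0.9

def kpi_breakdown(rows):
    """Count HTTP status classes, sub-status codes and the timeout/TLS failure KPIs."""
    out = {"2XX": 0, "4XX": 0, "5XX": 0, "sub_status": {}, **{k: 0 for k in FAILURE_KPIS}}
    for r in rows:
        if r["outcome"] in FAILURE_KPIS:
            out[r["outcome"]] += 1  # no HTTP status was received for these calls
            continue
        out[r["status"][0] + "XX"] += 1
        out["sub_status"][r["status"]] = out["sub_status"].get(r["status"], 0) + 1
    return out

def downtime_budget_minutes(env, period_days=30):
    """Planned plus unplanned downtime the uptime SLA allows over the period."""
    return period_days * 24 * 60 * (100 - UPTIME_SLA[env]) / 100
```

Keeping the per-call rows rather than only these aggregates preserves the granularity the page asks you to maintain.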

Certificates

You’ll need to have an automated process in place to monitor and renew your certificates at least 30 days before the certificate expiration date.

Alerts and Responsiveness

To address breaches of any of these performance thresholds, you’ll need a system in place to alert Apple to the priority level of the incident within the corresponding timelines.

Priority Level    Priority Definitions                                                                    Engineering Response SLA
P1                System-wide outage or critical services are blocked                                     Within 15 mins
P2                Services are intermittently blocked or are failing for a small fraction of customers    Defined with Apple prior to launch
P3                Services are impacted for an individual or a very small percentage of customers         Defined with Apple prior to launch

5. Reader Configuration and Certification

To integrate with the Apple Access platform, you’ll need to update and configure your access installation readers to meet several requirements.

Reader requirements

Your access installation readers will need to:

  • Support reader firmware updates (remote or local)
  • Fulfill the selected credential technology
  • Support the latest version of the Enhanced Contactless Polling (ECP) protocol from Apple: ECP v2.3 or later
  • Include the Terminal Capabilities Identifier (TCI) values provided by Apple in the ECP protocol implementation

Note
Apple provides the ECP protocol and TCI values to relevant parties during the integration.

Enhanced Contactless Polling (ECP) protocol

The Enhanced Contactless Polling (ECP) protocol from Apple allows readers to broadcast configuration and capability information in the contactless polling loop to Apple devices before the transaction initiates. This contactless polling loop data includes the following values required to support access transaction features:

Terminal Capabilities Identifier (TCI)

This value is linked to the pass credential during provisioning to support Auto-Presentment and Express Mode features on the device. Each pass can be associated with one or multiple TCI values. The TCI value is unique to each access installation. Apple provides the TCI value to the Credential Manager during the integration.

Terminal Info

This is a set of values that encode information about the reader and includes data on whether the reader requires on-device authentication for users through the Terminal Requested Authentication (TRA) feature. This feature allows readers to request authentication from users even when the user has Express Mode turned on for their pass.

Apple IOT certification

Apple conducts extensive interoperability testing (IOT) for all Apple Access platform integrations to ensure consistent reader performance across multiple Apple devices and device generations. Be prepared to test your own access hardware and to work with Apple to certify the readers for your integration. During the integration, Apple shares information with program participants on how to prepare and send readers and other access hardware to Apple for certification.

6. End-to-end Testing

Prior to launch, you’ll work with Apple to conduct extensive integration, load, and end-to-end testing to ensure feature functionality for your Apple Access platform integration. As a partner, you’ll need to provide Apple with test credentials for multiple environments. End-to-end testing will require the Participating Entity to allow Apple to conduct tests on the access property.

7. Customer Support

You’ll need to provide customer support resources for your mobile pass users.

Credential Managers will need to provide the Participating Entity with APIs and other technical tools required to support, diagnose, and resolve any mobile pass issues for users.

Participating Entities will need to offer customer support and technical assistance for mobile passes through their existing customer support channels, such as:

  • iOS app
  • website
  • call center
  • email
  • in-person help desk